{"vulnerability": "cve-2024-3874", "sightings": [{"uuid": "b0c6d245-6e84-42a0-914d-1d508ffb597c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38746", "type": "seen", "source": "https://t.me/cvedetector/2283", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38746 - MakeStories Team MakeStories Path Traversal & SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38746 \nPublished : Aug. 1, 2024, 9:15 p.m. | 26\u00a0minutes ago \nDescription : Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MakeStories Team MakeStories (for Google Web Stories) allows Path Traversal, Server Side Request Forgery.This issue affects MakeStories (for Google Web Stories): from n/a through 3.0.3. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T23:47:39.000000Z"}, {"uuid": "d08873aa-96d2-4c58-9972-7eb034f1298a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38741", "type": "seen", "source": "https://t.me/cvedetector/1254", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38741 - Noor-E-Alam Amazing Hover Effects Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-38741 \nPublished : July 20, 2024, 8:15 a.m. | 43\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor-E-Alam Amazing Hover Effects allows Stored XSS.This issue affects Amazing Hover Effects: from n/a through 2.4.9. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-20T11:26:32.000000Z"}, {"uuid": "98a18904-9f8c-41fd-a1da-4052417a3012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38747", "type": "seen", "source": "https://t.me/cvedetector/3004", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38747 - HitPay Payment Solutions Pte Ltd HitPay Payment Gateway for WooCommerce Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-38747 \nPublished : Aug. 13, 2024, 11:15 a.m. | 26\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HitPay Payment Solutions Pte Ltd HitPay Payment Gateway for WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects HitPay Payment Gateway for WooCommerce: from n/a through 4.1.3. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T13:46:11.000000Z"}, {"uuid": "aaeffc4f-1277-4b7b-88fe-e910c32f4ca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38742", "type": "seen", "source": "https://t.me/cvedetector/3003", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38742 - MBE eShip Unauthenticated ACL Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-38742 \nPublished : Aug. 13, 2024, 11:15 a.m. | 26\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in MBE Worldwide S.P.A. MBE eShip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MBE eShip: from n/a through 2.1.2. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T13:46:10.000000Z"}, {"uuid": "23c69dea-5b37-4990-9190-321286196b96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38749", "type": "seen", "source": "https://t.me/cvedetector/3000", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38749 - Olive Themes Olive One Click Demo Import Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-38749 \nPublished : Aug. 13, 2024, 11:15 a.m. | 26\u00a0minutes ago \nDescription : Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Olive Themes Olive One Click Demo Import allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Olive One Click Demo Import: from n/a through 1.1.2. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T13:46:05.000000Z"}]}